This Monday Azure AD MFA was down over 12 hours preventing users from logging in to Office 365. As MFA is usually mandatory for administrators by company policy, they couldn’t log in either. In this blog, I’ll show how to create a backdoor to Azure AD so you can log in and bypass MFA.
For the last couple months I’ve used most of my free time on studying and hacking Azure AD admin APIs. As a result, I’m finally publishing the first (beta) version of the AADInternals PowerShell module.
By default, any user of Office 365 or Azure AD tenant can read the content of Azure AD using PowerShell and Graph API Explorer. This is a serious security issue because users have undetectable access to other users’ personal data, which violates for instance GDPR. In this blog, I’ll tell how to prevent the access.
Azure AD PowerShell module was earlier installed by a standard .msi package. Now you can install it using one PowerShell command. However, installation requires PowerShell 5 or newer.
If you are using Microsoft DNS for Office 365 DNS records, you can create the required records easily with PowerShell.
PowerShell profile makes connecting to Office 365 a lot easier!
By default, AD FS only supports SSO with Internet Explorer. However, you can easily enable support for Google Chrome, Firefox, and Edge.
This article explains how to connect Office 365 using PowerShell and more!